User:Maxburkhardt/paperoutline

Preliminary Opinion: Port scanning is legal under the laws of the United States, but it should be punishable if performed without consent of the owner of the scanned system.


 * Introduction
 * Discussion of the legitimacy of comparing computer networking to real-life actions. A connection between two computers is much more fleeting and insignificant than a connection between people or businesses, and therefore some laws do not necessarily carry over verbatim.
 * Description of port scanning, including technical description
 * The concept of ports
 * Extremely brief TCP description (including the concept of a "stateful" protocol).
 * Ease of scanning & ease of detection
 * Usefulness before a hacking attempt
 * Moulton v. VC3
 * Description of the case
 * Analysis
 * Related Laws (beginning of discussion of the U.S.'s hacking laws)
 * Computer Fraud & Abuse Act (U.S.C. 1030)
 * Unauthorized Access Case Study: SSH bruteforcing
 * Unauthorized Access Case Study: Publicly available administration page (including the relation of this case to a port scan).
 * Georgia Computer Systems Protection Act (used in Moulton)
 * California state laws regarding computer abuse (research needed here).
 * Potential relation to espionage laws (is scanning a secret federal computer equivalent to mapping out a secret federal facility?)
 * The "intent" issue
 * Is port scanning without malicious intent okay?
 * Legitimate uses of port scanning
 * Port scanning cases outside the United States
 * Avi Mizrahi (from Israel, brought to court and later acquitted)
 * An unnamed Swedish minor, who was caught port scanning and also acquitted.
 * Countries that have outlawed port scanning
 * Germany: "no hacking tools"
 * U.K.: similar law proposed
 * Conclusion